Split `*_l4_payload_len' into `*_src_l4_payload_len' and `*_dst_l4_payload_len'.

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2022-08-15 22:55:19 +0200
committer: Toni Uhlig <matzeton@googlemail.com> 2022-08-15 22:55:19 +0200
commit: 0fd59f060e97b558cf0fdd905817945b782845aa (patch)
tree: b41969e5503856d8abdd8d3302c960d36eddd454 /test/results/z3950.pcapng.out
parent: 905545487d9f44970fe36b75de467f8b6f78302a (diff)
1 files changed, 10 insertions, 10 deletions
diff --git a/test/results/z3950.pcapng.out b/test/results/z3950.pcapng.out
index d7ef21873..ee51d6ff8 100644
--- a/test/results/z3950.pcapng.out
+++ b/test/results/z3950.pcapng.out
@@ -1,18 +1,18 @@
 00458{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"z3950.pcapng","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"global_ts_msec":0}
 00547{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"z3950.pcapng","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_msec":1623680697296}
-00584{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1623680697296,"flow_last_seen":1623680697296,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1623680697296,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"193.174.240.93","src_port":58921,"dst_port":210,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
+00692{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1623680697296,"flow_last_seen":1623680697296,"flow_idle_time":7580000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1623680697296,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"193.174.240.93","src_port":58921,"dst_port":210,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
 00465{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":1623680697296,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1623680697296,"pkt":"eJS0JASgYDjgxTWgCABFAAA07vtAAH8Gl6\/AqAJkwa7wXeYpANJ85vsBAAAAAIAC+vCgIgAAAgQFtAEDAwgBAQQC"}
 00464{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_last_seen":1623680697327,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1623680697327,"pkt":"YDjgxTWgeJS0JASgCABFAAA0AABAADYGz6vBrvBdwKgCZADS5indlQhqfOb7AoAS+vC6GgAAAgQFrAEBBAIBAwMH"}
 00448{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_last_seen":1623680697329,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_msec":1623680697329,"pkt":"eJS0JASgYDjgxTWgCABFAAAo7vxAAH8Gl7rAqAJkwa7wXeYpANJ85vsC3ZUIa1AQAgTz0QAA"}
 00553{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":16,"source":"z3950.pcapng","alias":"nDPId-test","packets-captured":16,"packets-processed":15,"total-skipped-flows":0,"total-l4-payload-len":4151,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":7,"global_ts_msec":1625070123680}
-00585{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":16,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1625070123680,"flow_last_seen":1625070123680,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1625070123680,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"129.187.139.43","src_port":46524,"dst_port":9991,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
+00693{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":16,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1625070123680,"flow_last_seen":1625070123680,"flow_idle_time":7580000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1625070123680,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"129.187.139.43","src_port":46524,"dst_port":9991,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
 00466{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":16,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_last_seen":1625070123680,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1625070123680,"pkt":"YDjgxTWgABjzZLGICABFAAA0k\/xAAJAGiSTAqAAUgbuLK7W8JweM39PGAAAAAIAC+vDNyQAAAgQFtAEBBAIBAwMH"}
 00466{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":17,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_last_seen":1625070123709,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1625070123709,"pkt":"ABjzZLGIYDjgxTWgCABFAAA0AABAADUGeCGBu4srwKgAFCcHtbz4JgxZjN\/Tx4ASchDtagAAAgQFrAEBBAIBAwMH"}
 00451{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":18,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_last_seen":1625070123709,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_msec":1625070123709,"pkt":"YDjgxTWgABjzZLGICABFAAAok\/1AAJAGiS\/AqAAUgbuLK7W8JweM39PH+CYMWlAQAfbNvQAA"}
-00660{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":26,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":8,"flow_first_seen":1623680697296,"flow_last_seen":1623680698846,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":4151,"midstream":0,"thread_ts_msec":1625070132777,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"193.174.240.93","src_port":58921,"dst_port":210,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"Z3950","breed":"Acceptable","category":"Network"}}
-00591{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":26,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":8,"flow_first_seen":1623680697296,"flow_last_seen":1623680698846,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":4151,"midstream":0,"thread_ts_msec":1625070132777,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"193.174.240.93","src_port":58921,"dst_port":210,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
-00781{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":26,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":4,"flow_first_seen":1625070123680,"flow_last_seen":1625070196998,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":113,"flow_tot_l4_payload_len":368,"midstream":0,"thread_ts_msec":1625070196998,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"129.187.139.43","src_port":46524,"dst_port":9991,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"Z3950","breed":"Acceptable","category":"Network"}}
-00820{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":31,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":10,"flow_dst_packets_processed":6,"flow_first_seen":1625070123680,"flow_last_seen":1625070200217,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":113,"flow_tot_l4_payload_len":411,"midstream":0,"thread_ts_msec":1625070200217,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"129.187.139.43","src_port":46524,"dst_port":9991,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"Z3950","breed":"Acceptable","category":"Network"}}
+00772{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":26,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":8,"flow_first_seen":1623680697296,"flow_last_seen":1623680698846,"flow_idle_time":7580000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":116,"flow_dst_max_l4_payload_len":1452,"flow_src_tot_l4_payload_len":233,"flow_dst_tot_l4_payload_len":3918,"midstream":0,"thread_ts_msec":1625070132777,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"193.174.240.93","src_port":58921,"dst_port":210,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"Z3950","breed":"Acceptable","category":"Network"}}
+00703{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":26,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":8,"flow_first_seen":1623680697296,"flow_last_seen":1623680698846,"flow_idle_time":7580000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":116,"flow_dst_max_l4_payload_len":1452,"flow_src_tot_l4_payload_len":233,"flow_dst_tot_l4_payload_len":3918,"midstream":0,"thread_ts_msec":1625070132777,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"193.174.240.93","src_port":58921,"dst_port":210,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
+00892{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":26,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":4,"flow_first_seen":1625070123680,"flow_last_seen":1625070196998,"flow_idle_time":7580000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":84,"flow_dst_max_l4_payload_len":113,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":156,"midstream":0,"thread_ts_msec":1625070196998,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"129.187.139.43","src_port":46524,"dst_port":9991,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"Z3950","breed":"Acceptable","category":"Network"}}
+00931{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":31,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":10,"flow_dst_packets_processed":6,"flow_first_seen":1625070123680,"flow_last_seen":1625070200217,"flow_idle_time":7580000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":84,"flow_dst_max_l4_payload_len":113,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":199,"midstream":0,"thread_ts_msec":1625070200217,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"129.187.139.43","src_port":46524,"dst_port":9991,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"Z3950","breed":"Acceptable","category":"Network"}}
 00556{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":31,"source":"z3950.pcapng","alias":"nDPId-test","packets-captured":31,"packets-processed":31,"total-skipped-flows":0,"total-l4-payload-len":4562,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":2,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":16,"global_ts_msec":1625070200217}
 ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
 ~~ packets captured/processed: 31/31
@@ -22,10 +22,10 @@
 ~~ total active/idle flows...: 2/2
 ~~ total timeout flows.......: 1
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 6009148 bytes
-~~ total memory freed........: 6009148 bytes
+~~ total memory allocated....: 6009164 bytes
+~~ total memory freed........: 6009164 bytes
 ~~ total allocations/frees...: 120913/120913
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 ~~ json string min len.......: 453 chars
-~~ json string max len.......: 825 chars
-~~ json string avg len.......: 625 chars
+~~ json string max len.......: 936 chars
+~~ json string avg len.......: 680 chars
author	Toni Uhlig <matzeton@googlemail.com>	2022-08-15 22:55:19 +0200
committer	Toni Uhlig <matzeton@googlemail.com>	2022-08-15 22:55:19 +0200
commit	0fd59f060e97b558cf0fdd905817945b782845aa (patch)
tree	b41969e5503856d8abdd8d3302c960d36eddd454 /test/results/z3950.pcapng.out
parent	905545487d9f44970fe36b75de467f8b6f78302a (diff)